logo

Click here to...

See the Cryptolator V 1.2
| Deutsch | English |
Cryptolator - Tool for AES encryption with variable S-Boxes
637C777BF26B6FC53001672BFED7AB76
CA82C97DFA5947F0ADD4A2AF9CA472C0
B7FD9326363FF7CC34A5E5F171D83115
04C723C31896059A071280E2EB27B275
09832C1A1B6E5AA0523BD6B329E32F84
53D100ED20FCB15B6ACBBE394A4C58CF
D0EFAAFB434D338545F9027F503C9FA8
51A3408F929D38F5BCB6DA2110FFF3D2
CD0C13EC5F974417C4A77E3D645D1973
60814FDC222A908846EEB814DE5E0BDB
E0323A0A4906245CC2D3AC629195E479
E7C8376D8DD54EA96C56F4EA657AAE08
BA78252E1CA6B4C6E8DD741F4BBD8B8A
703EB5664803F60E613557B986C11D9E
E1F8981169D98E949B1E87E9CE5528DF
8CA1890DBFE6426841992D0FB054BB16
info   info Initialization Vector info   Key info     Result info info

Messages
X
The cryptolator supports 3 blocks of data as input for the encryption or decryption. Each block is 16 byte long. The data must be input in hexadecimal notation. 0..9 and A..F are valid. Initially the fields are preset to 00.

It is not rquired to enter data in all 3 blocks, except whenyou show the selfsynchronization effect in CBC mode.
The reference data are usefull when you programed your own encryption engine and you want to verify the correct operation. The reference data are part of the orininal NIST publication FIPS-197.

For a complete test more data must be used. For example the NIST reference data in ECB mode do not detect certain modifications to the S-Boxes. Try it by yourself. Load the standard AES box and modify it by swapping the values 2B and 16. Hint: 2B is second last in row 16 is the last byte in the last row. The encrypted result is the same with and without this modification. With 14 encryption round as implemented in the AES-256 it is not always guaranteed that all bytes of the S-Box are used. This is no weakness of the algorithm.
The initialization vector often named IV is only used in CBC mode. In that mode the input data are first xored with the IV before they are feed into the algorithm. Then the output of the first block is used to xor the input of the second block, and so on. The effect of the CBC mode is that all following encrypted data are effected and look different when a single bit is changed. In many CE-Infosys systems is an additional block added in front of the original data. This block is random choosen and provides this hiding effect. In such a case the IV of 0 is used. If the same data are encrypted twice with the same they look completely different because of the CBC mode.
The key used for all CE-Infosys products including the Cryptolator is 256 bit long. The key is input as 2 16 byte long hexadecimal values. Again you can click on a button to use the NIST reference values or a 00 value. Try what happens to the encryption result when you change a single key bit.
The encrypted or decrypted result is displayed here as 3 blocks of 16 byte long hexadecimal values.
The buttons do what they say. Output to input places the data from the 3 output blocks back to the input blocks. Try to encrypt 3 blocks in ECB mode, use any data and any key and observe the output. Click Output to Input and press decrypt ECB mode. The original data appear in the output blocks.

When you click any of the encryption or decryption button, the data, the key, the IV and your S-Box are sent to the server and processed at the server. Afterwards the result is sent back to your browser to update the output fields.

A brief explanation what you can do with the Cryptolator and how it works


The Cryptolator encrypts and decrypts blocks of data. Each block is 16 byte long. You can define the input data, the key and for CBC mode also the Initialization Vector. A total of 3 blocks can be input at a time, but the Cryptolator works also with a single block or two. Three blocks are needed to see some special effects with CBC mode. You can encrypt or decrypt the input data. When you transfer after an encryption the result to the input fields and decrypt now, the original input appears as result.


Try this: Encrypt a block of reference data using any key and any IV in CBC mode. Transfer the result to the input. Now change a singe byte of this input in the first block only. This means at a single position the data are a little manipulated. Now decrypt using CBC mode again. Of course you have to use the same key and the same IV as used for the encryption. See the result. The first block is totally damaged, the second block is only wrong at the position where you changed the input byte and the third block is correct. If there were more blocks all the following blocks would be correct. This is called the self-synchronizing effect of a CBC block cipher. Meaning, if you transmit a message and the receiver knows only the key but not the IV he can still use the message if you make the message at the front two blocks longer. These two blocks must not contain any meaningful data, they could be filled with random or with zeros. Using random, either as IV or as filling blocks has the effect that two identical messages encrypted with the same key look totally different (all blocks) each time. This is a nice hiding effect.


The AES algorithm uses a S-Box as non linear element in the algorithm. This S-Box can be manipulated in order to see the effect of the box on the encryption. You can use the standard AES box, a random generated AES box or define one by yourself. There are 256! different boxes possible. This is a decimal number with 506 digits.  

NIST provides the detailed AES standard FIPS197

PS.: The next version of the Cryptolator will provide functions to test some quality parameters on the S-Boxes.


> top <


Other Products & More Information

- Commercial Product Concept
- Network Encryption Products
- PC Encryption Products

Network Encryption Products
- PocketCryptor
- MicroCryptor
- PowerCryptor
- GigaCryptor
- IP Crypt Client

PC Encryption Products
- Managed CompuSec®
- CompuSec® e-Identity®
- CompuSec® HSM
- CompuSec® Mobile

Product Management
- eHelp
- GlobalAdmin